Arbitrary Code Execution Vulnerability in IBM WebSphere Application Server Liberty OpenID Connect

Arbitrary Code Execution Vulnerability in IBM WebSphere Application Server Liberty OpenID Connect

CVE-2018-1851 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

IBM WebSphere Application Server Liberty OpenID Connect could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization. By sending a specially-crafted request to the RP service, an attacker could exploit this vulnerability to execute arbitrary code. IBM X-Force ID: 150999.

Learn more about our Cis Benchmark Audit For Ibm Websphere.